steev

hermes/steev

Fork 0

Commit Graph

Author	SHA1	Message	Date
Svrnty	2491d48151	feat(steev): Wave 8 PAUSE-walk — apply Q4-Q10 + bte leak fix + proton-tools SKILL.md Q4: confirm personal-scope discriminators (chat_facing, delegates_to=[ceo-planb], sovereign_only=false) Q5: drop google-workspace cred — builtin manages own OAuth via Hermes hub (not credctl vault) Q6: split proton-bridge-imap → proton-bridge-imap-user + proton-bridge-imap-pass (vault exact-match) Q7: rename perplexity-api → perplexity (vault exact-match) Q8: add 3 proton vault entries (account-email, account-password, mailbox-password) Q9: install.sh F6 — MCP allowlist materialization; wires 3 proton MCPs, removes bte (hard-rule leak) Q10: macOS-only externals annotated os_constraint:darwin; install.sh F7 emits INFO on non-Darwin credbridge.sh: drop google-workspace case, rewrite proton-bridge to use 2 vault entries, rename perplexity case Disclosure §7 rewritten with 6 credentials matching vault exact-name policy (DISCLOSURE-SCHEMA §4.5) Disclosure §12 PAUSE table marked all 8 rows RESOLVED (rows 1-7 Wave 8, row 8 Wave 7) Untracked skills/proton-tools/SKILL.md (90 lines, declared in manifest since Wave 4) — committed for clone-ability Verified: hermes -p steev skills list → 6 enabled (matches disclosure.skills declaration) hermes -p steev mcp list → 3 entries (proton-calendar, proton-email, proton-contacts); bte removed F7 on Linux host correctly suppresses macOS-only externals Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-24 18:13:40 -04:00
Svrnty	b85b266dcb	feat(disclosure): Wave 7 D2 — steev schema v2 — sprint 2026-05-25	2026-05-24 16:53:16 -04:00
Svrnty	8e8ced470b	feat(disclosure): Wave 4 — steev disclosure: block (CLAUDE.md hard-rule fix: REMOVE bte MCP) — sprint 2026-05-24 Applies Wave-3 auto-approved recommendations per sot/06-REGISTRY/audits/RECOMMENDATIONS-steev-2026-05-24.md. HARD-RULE FIX: - REMOVE bte MCP (inherit_mcp_toolsets: false + mcp_servers: []). bte = Plan B marketing platform; steev/CLAUDE.md:14 forbids access. Auto-approved REMOVE/DROP: - 17 silently-inherited builtin skills denied (inherit_builtins: false). - Skills allowlist narrowed to 6: steev-agent, proton-tools, google-workspace, obsidian, himalaya, kanban-worker. ADD (auto-approved): - schema_version: 1 - inherit_builtins: false, inherit_mcp_toolsets: false ADD (PAUSED-for-JP rows surfaced in DISCLOSURE.md §12): - Personal-scope discriminators (scope/chat_facing/delegates_to/sovereign_only) populated per audit §7d; values confirmation pending JP. - 3 cred name-mismatches kept as-declared in manifest; rename decision deferred (manifest vs vault vs bundle-indirection — W3.4 governance class). - 4 manifest-declared MCP installs (mcp_proton_*, mcp_perplexity) not registered; install ordering deferred. Surface: 2 files only — steev/manifest.yaml + steev/DISCLOSURE.md. sot-precommit --full-tree: EXIT 0. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-24 15:59:58 -04:00

Author

SHA1

Message

Date

Svrnty

2491d48151

feat(steev): Wave 8 PAUSE-walk — apply Q4-Q10 + bte leak fix + proton-tools SKILL.md

Q4: confirm personal-scope discriminators (chat_facing, delegates_to=[ceo-planb], sovereign_only=false)
Q5: drop google-workspace cred — builtin manages own OAuth via Hermes hub (not credctl vault)
Q6: split proton-bridge-imap → proton-bridge-imap-user + proton-bridge-imap-pass (vault exact-match)
Q7: rename perplexity-api → perplexity (vault exact-match)
Q8: add 3 proton vault entries (account-email, account-password, mailbox-password)
Q9: install.sh F6 — MCP allowlist materialization; wires 3 proton MCPs, removes bte (hard-rule leak)
Q10: macOS-only externals annotated os_constraint:darwin; install.sh F7 emits INFO on non-Darwin

credbridge.sh: drop google-workspace case, rewrite proton-bridge to use 2 vault entries, rename perplexity case
Disclosure §7 rewritten with 6 credentials matching vault exact-name policy (DISCLOSURE-SCHEMA §4.5)
Disclosure §12 PAUSE table marked all 8 rows RESOLVED (rows 1-7 Wave 8, row 8 Wave 7)

Untracked skills/proton-tools/SKILL.md (90 lines, declared in manifest since Wave 4) — committed for clone-ability

Verified:
  hermes -p steev skills list → 6 enabled (matches disclosure.skills declaration)
  hermes -p steev mcp list → 3 entries (proton-calendar, proton-email, proton-contacts); bte removed
  F7 on Linux host correctly suppresses macOS-only externals

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-24 18:13:40 -04:00

Svrnty

b85b266dcb

feat(disclosure): Wave 7 D2 — steev schema v2 — sprint 2026-05-25

2026-05-24 16:53:16 -04:00

Svrnty

8e8ced470b

feat(disclosure): Wave 4 — steev disclosure: block (CLAUDE.md hard-rule fix: REMOVE bte MCP) — sprint 2026-05-24

Applies Wave-3 auto-approved recommendations per
sot/06-REGISTRY/audits/RECOMMENDATIONS-steev-2026-05-24.md.

HARD-RULE FIX:
  - REMOVE bte MCP (inherit_mcp_toolsets: false + mcp_servers: []).
    bte = Plan B marketing platform; steev/CLAUDE.md:14 forbids access.

Auto-approved REMOVE/DROP:
  - 17 silently-inherited builtin skills denied (inherit_builtins: false).
  - Skills allowlist narrowed to 6: steev-agent, proton-tools, google-workspace,
    obsidian, himalaya, kanban-worker.

ADD (auto-approved):
  - schema_version: 1
  - inherit_builtins: false, inherit_mcp_toolsets: false

ADD (PAUSED-for-JP rows surfaced in DISCLOSURE.md §12):
  - Personal-scope discriminators (scope/chat_facing/delegates_to/sovereign_only)
    populated per audit §7d; values confirmation pending JP.
  - 3 cred name-mismatches kept as-declared in manifest; rename decision deferred
    (manifest vs vault vs bundle-indirection — W3.4 governance class).
  - 4 manifest-declared MCP installs (mcp_proton_*, mcp_perplexity) not registered;
    install ordering deferred.

Surface: 2 files only — steev/manifest.yaml + steev/DISCLOSURE.md.
sot-precommit --full-tree: EXIT 0.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-24 15:59:58 -04:00

3 Commits